Environment
- EDR Sensor: All Supported Versions
- App Control Agent: All Supported Versions
- Microsoft Windows: All Supported Versions
Objective
How to properly enable Tamper Protect when the EDR Sensor and App Control Agent are both installed on the same endpoint.
Resolution
Additional Notes
- Enabling the Rapid Config in App Control when Tamper Protection is already enabled in EDR is not recommended, and does not provide extra protection.
- The App Control Rapid Config is designed to be used only when EDR Tamper Protection cannot be.
- Any Windows sensor in a Sensor Group that has Tamper Protection applied but does not meet the minimum OS requirements will default to Tamper Detection.
- Requirements for EDR Windows Tamper Protection:
- Minimum OS Versions of Windows 10 v1703 (Desktop) or Windows Server v1709 (Windows build 15163)
- Minimum Carbon Black EDR versions of v7.2.0 Windows EDR sensor and
- v7.4.0 Carbon Black EDR Server
Related Content